We have discovered ovinspecutions[.]com while analyzing websites that use shady advertising networks (e.g., torrent sites, illegal movie streaming pages). After testing the ovinspecutions[.]com, we learned that it uses a clickbait technique to get permission to show notifications and redirects to
µ-2246-digits-of-pi is the name or ransomware, a new variant of the DeezNuts Crypter ransomware. We have discovered this variant while examining malware samples submitted to VirusTotal. It was found that µ-2246-digits-of-pi encrypts files and inserts its name in their filenames. This ransom note p
While inspecting dubious sites, our research team discovered expressedsupply[.]com. This rogue webpage loads deceptive content, promotes browser notification spam, and causes redirects to other (likely untrustworthy/malicious) websites. Visitors to such sites typically access them via others that
Our team has examined this email and concluded that it is sent by scammers who seek to trick recipients into providing their passwords. The email is disguised as a letter from DHL (a legitimate logistics company)/a shipment notification. It contains an attachment (an HTML file) designed to open a
Toon Explorer is a browser extension promising easy access to cartoon-related online content. We discovered this piece of software while inspecting deceptive download websites. After analyzing Toon Explorer, we determined that it operates as advertising-supported software (adware). Adware
Magala is a Trojan-clicker that performs a form of ad fraud (click fraud). The purpose of this clicker is to connect to specific websites and drive traffic to them. It imitates clicks on those websites. Typically, Trojan-clickers are used to drain the budget of competitors paying for advertising.
During a routine inspection of new submissions on VirusTotal, our researchers found Cj - yet another ransomware belonging to the VoidCrypt family. We executed Cj's sample on our test system, and it began encrypting files and appending their filenames with a unique ID, the attackers' email address
We have discovered a new ransomware variant belonging to the Chaos family called BlackGT5327. It was found while checking the VirusTotal page for recently submitted malware samples. BlackGT5327 ransomware encrypts files and appends four random characters as their new extension. It also creates the
News-hetayi[.]cc is a deceptive web page designed to trick visitors into agreeing to receive notifications. Moreover, it can redirect visitors to other pages of this type. As a rule, pages like news-hetayi[.]cc are not visited on purpose. Our team has discovered news-hetayi[.]cc while inspecting p
Ourdailystories[.]com is a rogue site that promotes browser notification spam and redirects visitors to other (likely dubious/malicious) webpages. We discovered this page while inspecting untrustworthy websites. Ourdailystories[.]com and webpages akin to it are usually accessed inadvertently. Most